that the feature can be enabled during the boot process. Note the
continued limitation that FreeBSD fails so rapidly with this setting
enabled that it's hard to narrow down particular failures for
correction; we really need per-malloc type failure rates.
flag (M_DONTWAIT / M_TRYWAIT) to a malloc(9) blocking disposition flag
(M_NOWAIT, M_WAITOK). The semantic match isn't perfect, but for
scenarios where malloc data is used in the network stack, such as for
MAC labeling or for m_tags, we sometimes need to map from one to the
other to get the right blocking behavior.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
in a debugging feature causing M_NOWAIT allocations to fail at
a specified rate. This can be useful for detecting poor
handling of M_NOWAIT: the most frequent problems I've bumped
into are unconditional deference of the pointer even though
it's NULL, and hangs as a result of a lost event where memory
for the event couldn't be allocated. Two sysctls are added:
debug.malloc.failure_rate
How often to generate a failure: if set to 0 (default), this
feature is disabled. Otherwise, the frequency of failures --
I've been using 10 (one in ten mallocs fails), but other
popular settings might be much lower or much higher.
debug.malloc.failure_count
Number of times a coerced malloc failure has occurred as a
result of this feature. Useful for tracking what might have
happened and whether failures are being generated.
Useful possible additions: tying failure rate to malloc type,
printfs indicating the thread that experienced the coerced
failure.
Reviewed by: jeffr, jhb
This keeps the logical cpu's halted in the idle loop. By default
the logical cpu's are halted at startup. It is also possible to
halt any cpu in the idle loop now using machdep.hlt_cpus.
Examples of how to use this:
machdep.hlt_cpus=1 halt cpu0
machdep.hlt_cpus=2 halt cpu1
machdep.hlt_cpus=4 halt cpu2
machdep.hlt_cpus=3 halt cpu0,cpu1
Reviewed by: jhb, peter
1) Its critical for HTT. There's less foot-shooting opportunity.
2) I've seen significant improvements in interactive response to commands
over ssh sessions. I assume this is less lock contention.
3) As incentive to finish the idle cpu IPI wakeup stuff.
4) The machine on my desk was blowing hot air in my general direction
because somebody forgot to turn the hlt on, and it saves 50 watts per
cpu..
The machdep.cpu_idle_hlt sysctl is still available, but now the default
is the same as on UP kernels.
opening the POSIX fifo; convert ENXIO error returns to EOPNOTSUPP.
This improves handling of the case where the /var/run/lock fifo exists
but there is no listener: we immediately return EOPNOTSUPP rather
than blocking until a listener turns up. This could occur during a
diskless boot before rpc.lockd is loaded, or if the lock file persists
across a reboot following the disabling of rpc.lockd. This may have
suddenly started to occur due to fifo blocking fixes--previously it
looks like attempts to read on a fifo with no listener would time out
due to insufficient resources.
Reviewed by: alfred
- Add data structuress for doing 64-bit scatter/gather
- Move busdma tag creations around so that only the parent is
created in aac_pci.c.
- Retrieve the capabilities word from the firmware before setting
up command structures and tags. This allows the driver to decide
whether to do 64-bit commands, and if work-arounds are needed for
systems with >2GB of RAM.
- Only enable the SCSI passthrough if it's enabled in the capabilities
word in the firmware.
This should fix problems with the 2120S and 2200S cards in systems with more
than 2GB of RAM. Full 64-bit support is forthcoming.
MFC-After: 1 week
additional flags argument to indicate blocking disposition, and
pass in M_NOWAIT from the IP reassembly code to indicate that
blocking is not OK when labeling a new IP fragment reassembly
queue. This should eliminate some of the WITNESS warnings that
have started popping up since fine-grained IP stack locking
started going in; if memory allocation fails, the creation of
the fragment queue will be aborted.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
and be prepared to wait much longer for codec to become ready.
Credit to Hugo D. Valentim <hvalentim@gmx.net> for reporting the
problem, providing useful pointers, and repeated diff testing.
channel and disable DXS3. Several users have reported DXS3 as playing
at half speed on the 8233A revision of the chipset. This implicitly
means no SPDIF for VIA8233A users.
cdcleanup(). This fixes sysctl problems ("can't re-use a leaf") when
someone adds another peripheral at the same unit number. (e.g. rescan da0,
it goes away, then rescan again and da0 comes back, but since we haven't
cleaned up the sysctl variables from the last da0 instance, we can't
register the variables for the new instance under the same name.)
Reported by: njl
Tested by: njl
- Don't try to fragment the packet if it's smaller than mbuf_frag_size.
- Preserve the size of the mbuf chain which is modified by m_split().
- Check that m_split() didn't return NULL.
- Make it so we don't end up with two M_PKTHDR mbuf in the chain.
- Use m->m_pkthdr.len instead of m->m_len so that we fragment the whole
chain and not just the first mbuf.
- Fix a nearby style bug and rework the logic of the loops so that it's
more clear.
This is still not quite right, because we're clearly abusing m_split() to
do something it was not designed for, but at least it works now. We
should probably move this code into a m_fragment() function when it's
correct.
The former fakes a valid response to an inquiry command. (I am completely
blown away that there are devices which hang upon receiving inquiry). The
latter returns "invalid request" to any inquiry commands with EVPD set.
NO_INQUIRY implies NO_INQUIRY_EVPD but not vice versa. Both quirks have been
tested separately on my USB key although it didn't require either of them.
While I'm here, fix wildcarding so that any/all of vendor, product, revision
can be wildcarded.
Idea from: Linux
MFC after: 2 weeks
allows you to tell ip_output to fragment all outgoing packets
into mbuf fragments of size net.inet.ip.mbuf_frag_size bytes.
This is an excellent way to test if network drivers can properly
handle long mbuf chains being passed to them.
net.inet.ip.mbuf_frag_size defaults to 0 (no fragmentation)
so that you can at least boot before your network driver dies. :)
functionality for the following entry pints:
mac_test_init_proc_label()
mac_test_destroy_proc_label()
For process labeling entry points, now also track the use of process
labels and test assertions about their integrity and life cycle.
mac_test_thread_userret()
mac_test_check_kenv_dump()
mac_test_check_kenv_get()
mac_test_check_kenv_set()
mac_test_check_kenv_unset()
mac_test_check_kld_load()
mac_test_check_kld_stat()
mac_test_check_kld_unload()
mac_test_check_sysarch_ioperm()
mac_test_check_system_acct()
mac_test_check_system_reboot()
mac_test_check_system_settime()
mac_test_check_system_swapon()
mac_test_check_system_swapoff()
mac_test_check_system_sysctl()
For other entry points, just provide testing stubs.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
for enforcement:
mac_mls_check_system_swapon() - Require that the subject and the
swapfile target vnode labels dominate one another. An additional
check is probably needed here to require that the swapfile target
has a label of mls/high to prevent information leakage through
swapfiles.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
include a new entry point available for enforcement:
mac_bsdextended_check_system_swapon() - Apply extended access
control checks to the file target of swap.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
points available for enforcement:
mac_biba_check_sysarch_ioperm() - Require Biba privilege to make
use of privileged machine-dependent interfaces, protecting against
bypass of the policy via various mechanisms.
mac_biba_check_system_swapoff() - Require Biba privilege to disable
swapping against a vnode target.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
where physical addresses larger than virtual addresses, such as i386s
with PAE.
- Use this to represent physical addresses in the MI vm system and in the
i386 pmap code. This also changes the paddr parameter to d_mmap_t.
- Fix printf formats to handle physical addresses >4G in the i386 memory
detection code, and due to kvtop returning vm_paddr_t instead of u_long.
Note that this is a name change only; vm_paddr_t is still the same as
vm_offset_t on all currently supported platforms.
Sponsored by: DARPA, Network Associates Laboratories
Discussed with: re, phk (cdevsw change)
flexible process_fork, process_exec, and process_exit eventhandlers. This
reduces code duplication and also means that I don't have to go duplicate
the eventhandler locking three more times for each of at_fork, at_exec, and
at_exit.
Reviewed by: phk, jake, almost complete silence on arch@
is set to 0, it now has the same affect as setting witness_dead used to
have.
- Added a sysctl handler that allows root to change witness_watch from a
non-zero value to zero to disable witness at runtime. Note that you
can't turn witness back on once it is off. You can only turn it off as
a one-way switch.
- Added a comment describing the possible values of witness_watch.
